最新版 Harbor 在ubuntu系统上安装

最新版 Harbor 在ubuntu系统上安装

The latest version of Harbor is installed on the ubuntu system

安装docker

Install docker

1 2	root@hello:~# curl -fsSL https://get.docker.com \| bash -s docker --mirror Aliyun root@hello:~#

配置Docker Compose

Configure Docker Compose

root@hello:~# sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   633  100   633    0     0   2444      0 --:--:-- --:--:-- --:--:--  2444
100 12.1M  100 12.1M    0     0  10.2M      0  0:00:01  0:00:01 --:--:-- 26.2M
root@hello:~#  sudo chmod +x /usr/local/bin/docker-compose
root@hello:~# sudo ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
root@hello:~# docker-compose --version
docker-compose version 1.29.2, build 5becea4c
root@hello:~#

下载Docker Harbor安装包

Download the Docker Harbor installation package

1 2	root@hello:~# wget https://github.com/goharbor/harbor/releases/download/v2.3.2/harbor-offline-installer-v2.3.2.tgz root@hello:~#

解压安装包

Unzip the installation package

root@hello:~# tar xvf harbor-offline-installer-v2.3.2.tgz  -C /usr/local/ 
harbor/harbor.v2.3.2.tar.gz
harbor/prepare
harbor/LICENSE
harbor/install.sh
harbor/common.sh
harbor/harbor.yml.tmpl
root@hello:~# cd /usr/local/harbor/

配置证书

Configure Certificate

root@hello:/usr/local/harbor# mkdir ca
root@hello:/usr/local/harbor# cd ca/
root@hello:/usr/local/harbor/ca# pwd
/usr/local/harbor/ca
root@hello:/usr/local/harbor/ca# openssl genrsa -des3 -out server.key 2048
Generating RSA private key, 2048 bit long modulus (2 primes)
......................................+++++
...................................................................................................................................................+++++
e is 65537 (0x010001)
Enter pass phrase for server.key:
Verifying - Enter pass phrase for server.key:
root@hello:/usr/local/harbor/ca# 
root@hello:/usr/local/harbor/ca# 
root@hello:/usr/local/harbor/ca# openssl req -new -key server.key -out server.csr
Enter pass phrase for server.key:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:


Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
root@hello:/usr/local/harbor/ca# 
root@hello:/usr/local/harbor/ca# cp server.key server.key.org
root@hello:/usr/local/harbor/ca# openssl rsa -in server.key.org -out server.key
Enter pass phrase for server.key.org:
writing RSA key
root@hello:/usr/local/harbor/ca# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=C = AU, ST = Some-State, O = Internet Widgits Pty Ltd
Getting Private key
root@hello:/usr/local/harbor/ca#

修改配置文件，修改 hostname 和证书路径即可

Modify the configuration file, modify the hostname and certification path

root@hello:/usr/local/harbor# cp harbor.yml.tmpl harbor.yml
root@hello:/usr/local/harbor# 
root@hello:/usr/local/harbor# vim harbor.yml


root@hello:/usr/local/harbor# cat harbor.yml
# Configuration file of Harbor

hostname: harbor.chenby.cn


# http related config
http:
  # port for http, default is 80. If https enabled, this port will redirect to https port
  port: 80


# https related config
https:
  # https port for harbor, default is 443
  port: 443
  # The path of cert and key files for nginx
  certificate: /usr/local/harbor/ca/server.crt
  private_key: /usr/local/harbor/ca/server.key

harbor_admin_password: Harbor12345

----略----

root@hello:/usr/local/harbor#

安装

Install

root@hello:/usr/local/harbor# ./install.sh

[Step 0]: checking if docker is installed ...

Note: docker version: 20.10.8

[Step 1]: checking docker-compose is installed ...

Note: docker-compose version: 1.29.2

[Step 2]: loading Harbor images ...
Loaded image: goharbor/redis-photon:v2.3.2
Loaded image: goharbor/nginx-photon:v2.3.2
Loaded image: goharbor/harbor-portal:v2.3.2
Loaded image: goharbor/trivy-adapter-photon:v2.3.2
Loaded image: goharbor/chartmuseum-photon:v2.3.2
Loaded image: goharbor/notary-signer-photon:v2.3.2
Loaded image: goharbor/harbor-core:v2.3.2
Loaded image: goharbor/harbor-log:v2.3.2
Loaded image: goharbor/harbor-registryctl:v2.3.2
Loaded image: goharbor/harbor-exporter:v2.3.2
Loaded image: goharbor/notary-server-photon:v2.3.2
Loaded image: goharbor/prepare:v2.3.2
Loaded image: goharbor/harbor-db:v2.3.2
Loaded image: goharbor/harbor-jobservice:v2.3.2
Loaded image: goharbor/registry-photon:v2.3.2

[Step 3]: preparing environment ...

[Step 4]: preparing harbor configs ...
prepare base dir is set to /usr/local/harbor
Clearing the configuration file: /config/portal/nginx.conf
Clearing the configuration file: /config/log/rsyslog_docker.conf
Clearing the configuration file: /config/log/logrotate.conf
Generated configuration file: /config/portal/nginx.conf
Generated configuration file: /config/log/logrotate.conf
Generated configuration file: /config/log/rsyslog_docker.conf
Generated configuration file: /config/nginx/nginx.conf
Generated configuration file: /config/core/env
Generated configuration file: /config/core/app.conf
Generated configuration file: /config/registry/config.yml
Generated configuration file: /config/registryctl/env
Generated configuration file: /config/registryctl/config.yml
Generated configuration file: /config/db/env
Generated configuration file: /config/jobservice/env
Generated configuration file: /config/jobservice/config.yml
Generated and saved secret to file: /data/secret/keys/secretkey
Successfully called func: create_root_cert
Generated configuration file: /compose_location/docker-compose.yml
Clean up the input dir

[Step 5]: starting Harbor ...
Creating network "harbor_harbor" with the default driver
Creating harbor-log ... done
Creating harbor-portal ... done
Creating harbor-db     ... done
Creating registryctl   ... done
Creating redis         ... done
Creating registry      ... done
Creating harbor-core   ... done
Creating harbor-jobservice ... done
Creating nginx             ... done
? ----Harbor has been installed and started successfully.----
root@hello:/usr/local/harbor#

配置dns解析，或者在本地host中配置，具体配置略

Configure dns resolution, or configure in the local host, the specific configuration is omitted

登陆

默认账号：admin

默认密码：Harbor12345

Default account: admin

Default password: Harbor12345

客户端使用

Client use

root@hello:~# vim /etc/docker/daemon.json
root@hello:~# 
root@hello:~# cat /etc/docker/daemon.json
{
  "insecure-registries": ["https://harbor.chenby.cn"]
}
root@hello:~# 
root@hello:~# systemctl daemon-reload
root@hello:~# 
root@hello:~# 
root@hello:~# sudo systemctl restart docker
root@hello:~# docker login https://harbor.chenby.cn/
Username: admin
Password: 
WARNING! Your password will be stored unencrypted in /root/.docker/config.json.
Configure a credential helper to remove this warning. See
https://docs.docker.com/engine/reference/commandline/login/#credentials-store


Login Succeeded
root@hello:~#